SSL Certificate And Round Robin

Sep 22, 2007

We have a few IIS servers that will be acting as front end for our users to split off the load.
Currently, we have one IIS with 1 SSL. we are going to do round robining for the FQDN to span a few IIS servers. I just wanted to make sure we would not run into any issues with the certificate. I was thinking of installing it on one server after generating the CSR and then once the root trusted is in place, export it and import it in all the other servers. Do you think this would be an issue at all? is there a better way?

additionally, the certificate is about to expire, I need a certificate with $1mil insurance, what do you think is the best deal (trusted source) going around? should I do the ones with 256bit too or have you seen any conflicts, do they auto negotiate if the client can only support 128bit?

I just setup a round-robin so that my website is always available even if one of the 2 servers goes down. It works like it should, however, i can't access the userdirs from server2. The userdirs are located on server1.

It's setup like this:

www1.domain.org is server1www2.domain.org is server2www.domain.org is the round-robin. I have 2 WWW's pointed with an A record to each of the server's IP addresses.

On server 1 i have 2 userdirs which are accessible through www1.domain.org/~user . They should also be reachable on www2, because if they are not, they wont be accessible half the time due to the round robin.

I therefore added a .htaccess in www2's root document directory with the following info:

So when i go to www2.domain.org/~user1/, i should be automatically be transferred to server1... but all i get is a 404 error page. It works perfectly when accessed on www1. I don't see what i'm doing wrong. I thought it might be the userDir setting in apache that might be causing trouble.. but that is turned off on server2, so that should not be the problem. Anyone here have any idea how to access the user dirs via server2?

I'm looking to make high availability setup, and wondering how many of you have made it so?we are looking to multi-home the page with a round robin setup, using multiple VPSs/dedicated servers geographically different locations.

Right now i'm still looking at "stale" DNS setup, no automanagement of servers down. Is there a service/software which already offers automatic changes of zones for removing servers which are down, and adding them back when they get back online?

I am trying to do a fail over solution with round robin dns. Our dns is served by windows and our web servers are setup with Linux..

I know round-robin does not by default do a fail over, however my understanding is that a script can be used to remove the failed server for dns, is anyone aware of something that will do this for windows?

It seems the more places we can put servers, the more places boss-man wants them

We're setting up an external network to test back into our network from geographically/carrier diverse locations. We've got about 15 hosts up, but most are in the states, one in london, one in amsterdam, one in frankfurt and one in hong kong.

The current wish list of locations includes -

- Japan- S. Korea- Australia (holy cow bw is expensive in sydney! is anyone charging less than $500 per Mb?)- Paris, France (we have one quote in, but it is pretty pricy)- Italy- Spain- Sweden

I'm doing research and have submitted rfq's to companies in most of these locations, but was hoping for personal recommendations of hosts you have used.

I am running a site that currently has a Geotrust SSL cert installed (Plesk 7.5.3). That certificate is about to expire and I am going with one from a new vendor. My question is, do I need to generate a new CSR before requesting the new certificate or do I use the CSR from the current one and just upload the new certificate file (overwriting the current one) when I get it?

i just got this ssl certificate but i have some doubts how exactly should i set up the whole magic. i created the secure.domain.com which suppose to be the sub-domain for the login page which means when user decide to sign up/login to immediately transfer to the ssl state(sample: see ebay.com and then their https login page). so, far the home page which is domain.com(or www.domain.com) it doesn't need to be covered by the ssl. so, i was just wondering how do i play the game? i know it's kinda tricky and the key is somewhere in the sub-domain name(cP set up), .htaccess and/or index.php files but not very clear to me.

My online store is almost ready to publish and Im trying to work my head around this SSL thing.

So through reading on here Ive determined that only the cart or PII areas need to be secured, not the entire site.

My host provided a free SSL cert but I discovered that it is a domain verification SSL only and there is no "clickable seal" or business verification. Verification is important however Im not sure I need an EV cert (nor that I can afford it).

Does anyone have any suggestions for a SSL cert and what I might need? There was someone in the ads forum offering a GlobalSign OrganizationalSSL cert for $100yr. Does this seem like a good deal? There isnt a lot of feedback about GlobalSign on the net.

I got a plesk VPS and purchased SSL from GoDaddy. After I installed it, I was getting an error message from firefox about “SSL is self signed”. I obviously did something wrong, but what?I first logged into the SSL certificate section and created a new one...

When you create a SSL certificate for www.mydomain.com vs mydomain.com, is the "www" vs "non-www" decided when you generate the CSR (for example, in cpanel/whm)? Or is it "decided" when you actually purchase the certificate?

Certificate for dovecot on server.test.com was expired and a self signed one was created to replace it. You should install a new certifcate as soon as possible to replace the self signed one that was installed to replaced the expired one. You can install a new certificate in WHM under "Manager Service SSL Certificates", or by clicking this link: [url]

i have to install a ssl certificate for one of the websites on my server, i have openssl installed on a centos 5.1 with whm/cpanel i have found this comand to generate a CSR but didnt work dunno what im missing...

i recived below email from my server! what is this and what should i do i don`t use any SSL

Certificate for dovecot on server.test.com was expired and a self signed one was created to replace it. You should install a new certifcate as soon as possible to replace the self signed one that was installed to replaced the expired one. You can install a new certificate in WHM under "Manager Service SSL Certificates", or by clicking this link: [url]

I just set up a client's site on a dedicated server and need to set up an SSL certificate so she can participate in e-commerce. How hard is this to do? Are there any tutorials? She has Cpanel, the server has WHM and it's running Redhat.

I have a VPS and have a problem regarding the SSL certificate cPanel uses for secure connections (webmail, WHM etc..) my original hostname was set to server.simschr.co.uk but then I changed it to another name. However on the SSL certificate it states the old hostname, which I have been told is a bit of a pain. I wondered if there was anyway to change the common name, maybe by editing the certificate on the server?